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DETAILED ACTION 
Double Patenting 

1 . The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory 
obviousness-type double patenting rejection is appropriate where the conflicting claims 
are not identical, but at least one examined application claim is not patentably distinct 
from the reference claim(s) because the examined application claim is either anticipated 
by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 
F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); in re Goodman, 11 F.3d 1046, 29 
USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 
1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 
F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 
USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) 
may be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent either is shown to 
be commonly owned with this application, or claims an invention made as a result of 
activities undertaken within the scope of a joint research agreement. 

Effective January 1 , 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 

2. Claims 1-18 are rejected on the ground of nonstatutory obviousness-type double 
patenting as being unpatentable over claims 1-23 of U.S. Patent No. 6,832,377. 
Although the conflicting claims are not identical, they are not patentably distinct from 
each other because the cited claims are similar to those of the patents except the patent 
claims detail that the retrieval of information is through a dynamic base object and a 
interface dynamic base object. 



Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
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A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

4. Claims 8-1 1 and 15-18 are rejected under 35 U.S.C. 102(b) as being anticipated 
by hyperDRIVE: Leveraging LDAP to Implement RBAC on the Web" by BARTZ. 

As to claim 8, BARTZ teaches a method for accessing contents of a resource 
(invoking a business service) by a user (client), comprising: accessing a resource 
which requires registration by a user (via the business data services verify that the user 
is authorized to run the service by communicating with the LDAP server to get the 
user's authentication information) (see fig. 2; pg. 72 first and second column); when the 
resource supports universal registration and the user is universally registered, obtaining 
registration information from a registration dynamic object (LDAP server / directory 
server) (via the business data services verify that the user is authorized to run the 
service by communicating with the LDAP server to get the user's authentication 
information) (see fig. 2; pg. 72 first and second column); and allowing the user to access 
contents of the resource(via through the hyperDRIVE Guide applet, the customer 
invokes an operation such that the web server uses its ORB to contact the LDAP server 
to determine whether the customer's authenticated identified (distinguished name) 
matches the one provided to allow the user to use the resource) (see fig. 2; pg. 72 first 
and second column). 



As to claim 9, BARTZ teaches when the resource fails to support universal 
registration and the user utilizes a registration dynamic base object, registering the user 
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by the registration dynamic base object per pre-registered user data (via the user sends 
its distinguished name to the business service such that it verifies the user has access 
by comparing it to the one stored on the LDAP server wherein the act of authorization 
and authentication are separate activities, thus they occur at different times, SEE PG. 
70, 4th - 6th paragraphs). The cited teachings of BARTZ, inherently teach allowing the 
registration to occur after the requesting access and dynamically change how the 
resources are protected (pg. 70, second column, behaviorial summary). 

As to claim 10, BARTZ teaches when the resource supports universal 
registration and the user is not universally registered, entering registration information 
by the user (via the web client authenticating with the web server / LDAP server in order 
access various business services) (see fig. 2; pg. 72 first and second column). 

As to claim 11, BARTZ teaches the registration information includes a name (via 
the web client authenticating with the web server / LDAP server in order access various 
business services) (see fig. 2; pg. 72 first and second column). It is inherent that in 
order to authenticate with a server, the client has to send its name. 

As to claims 15-18, reference is made to a computer readable medium that 
corresponds to the method of claims 8-1 1 and is therefore met by the rejection of claims 
8-11 above. 
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Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 1-7 and 12-14 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over hyperDRIVE: Leveraging LDAP to Implement RBAC on the Web" by BARTZ. 

As to claim 1, BARTZ teaches a method for providing universal registration, 
comprising: providing user registration information of a user to a universal registration 
resource (via the web client authenticating with the web server / LDAP server in order 
access various business services) (see fig. 2; pg. 72 first and second column), the user 
registration information (distinguished name / user authentication information) 
accessible by providers of resources (via the business data services verify that the user 
is authorized to run the service by communicating with the LDAP server to get the 
user's authentication information) (see fig. 2; pg. 72 first and second column); and 
requesting use of a provider resource which requires the user registration information, 
wherein the provider resource automatically retrieves the user registration information 
from the universal registration resource to enable the user to access the provider 
resource (via through the hyperDRIVE Guide applet, the customer invokes an operation 
such that the web server uses its ORB to contact the LDAP server to determine whether 
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the customer's authenticated identified (distinguished name) matches the one provided 
to allow the user to use the resource) (see fig. 2; pg. 72 first and second column). 
However, BARTZ does not teach that the network is an information appliance network. 
Official Notice is taken in that such a network is well known in the art, and since BARTZ 
teaches that the invention is implemented in Java for its "write once; run anywhere" 
quality it would be obvious to one of ordinary skill in the art that the invention is 
applicable to an information appliance network since the code can run anywhere. 

As to claims 2-6, BARTZ teaches the user registration information is contained in 
a program object (via the role objects / DN (object describing people) being stored in the 
LDAP server which is a directory (see pg 70, Behavioral Summary and pg. 72 first and 
second columns). The cited reference does not detail that the name or object is in a 
string naming convention, however, Official Notice is taken in that object names, 
distinguished names are in a string naming convention that details the location of the 
object, the object name, and a method of the object and therefore it would be obvious 
that the distinguished names or other authentication information provided is in this 
format to be compared with the business services retrieved authentication information 
for the user to see if the user is permitted to access the service. 

As to claim 7, BARTZ teaches the registration information includes a name (via 
the web client authenticating with the web server / LDAP server in order access various 
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business services) (see fig. 2; pg. 72 first and second column). It is inherent that in 
order to authenticate with a server, the client has to send its name. 

As to claims 12 and 13, BARTZ teaches a system for universal registration 
comprising: a digital information server for sending a registration interface dynamic 
base object (authenticated distinguished name reference to the LDAP directory object) 
(see fig. 2; pg. 72 first and second columns; in particular item 1); a universal register 
(LDAP server) for hosting a registration implementation dynamic base object (role 
objects), the registration implementation dynamic base object corresponding to the 
registration interface dynamic base object (see fig. 2; pg. 72 first and second column, in 
particular item 9); a resource (server), communicatively coupled to the digital 
information server and the universal register via a network, requiring user registration 
(via through the hyperDRIVE Guide applet, the customer invokes an operation such that 
the web server uses its ORB to contact the LDAP server to determine whether the 
customer's authenticated identified (distinguished name) matches the one provided to 
allow the user to use the resource) (see fig. 2; pg. 72 first and second column); and 
wherein using the registration implementation dynamic base object (role objects) to 
provide .user registration information, a user of the digital information server gains 
access to contents of the resource (via through the hyperDRIVE Guide applet, the 
customer invokes an operation such that the web server uses its ORB to contact the 
LDAP server to determine whether the customer's authenticated identified 
(distinguished name) matches the one provided to allow the user to use the resource) 
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(see fig. 2; pg. 72 first and second column). However, BARTZ does not teach that the 
network is an information appliance network. Official Notice is taken in that such a 
network is well known in the art, and since BARTZ teaches that the invention is 
implemented in Java for its "write once, run anywhere" quality it would be obvious to 
one of ordinary skill in the art that the invention is applicable to an information appliance 
network since the code can run anywhere. 

As to claim 14, BARTZ teaches the registration information includes a name (via 
the web client authenticating with the web server / LDAP server in order access various 
business services) (see fig. 2; pg. 72 first and second column). It is inherent that in 
order to authenticate with a server, the client has to send its name. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Lewis A. Bullock, Jr. whose telephone number is (571) 
272-3759. The examiner can normally be reached on Monday-Friday, 8:30 a.m. - 5:00 
p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng An can be reached on (571) 272-3756. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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